Commands Reference, Volume 5

smsigncert Command

Purpose

Processes certificate requests and generates certificates.

Syntax

smsigncert dir { -a | -s server_name} [ -e mm/dd/yyyy]

Description

The smsigncert command can be run on a machine that has been defined as internal certificate authority (CA). The command uses the CA private key to process certificate requests (*.certreq files) and generate certificates (*.cert files). You can process the request of one server, or all server requests in the specified directory dir.

You can use Web-based System Manager (wsm) command to access the graphical interface.

Flags

dir	The directory where the certificate requests (.certreq files) reside, and to which the certificates (.cert files) will be written.
-a	All certificate requests (*.certreq files) in the specified dir directory will be processed. For each certificate request (S.certreq), a certificate S.cert will be generated in the specified dir directory.
-s server_name	The full TCP/IP name of the server whose certificate request (server_name.certreq in the specified dir directory) will be processed.
-e mm/dd/yyyy	Expiration date for the server certificates. The default expiration date is two years from the date of issuing the command.

Examples

smsigncert /usr/websm/security/tmp S101.IBM.COM -e 12/31/1999

smsigncert /usr/websm/security/tmp -a

Files

/usr/websm/security/SMCa.log

Lists detailed information on all operations executed by the CA.

Related Information

The smcaprop, smdefca, smexpcacert, smlistcerts, and the smundefca command.

For information on installing the Web-based System Manager, see Chapter 2: Installation and System Requirements in AIX 5L Version 5.2 Web-based System Manager Administration Guide.